Ability to manage Personal Access Tokens through the API
Description
As per my understanding, the only way to create Personal Access Tokens currently is through the web UI. I guess this makes sense for most use-cases as the token itself is often used to authenticate against the API. However, I would like to have the ability to add access tokens for a particular user through the API (when authenticated as an administrator).
My use-case is that I use Gitlab mostly as a "backend service" through the API from my applications and users don't interact with Gitlab directly through the UI. I need to generate access tokens for users so they e.g. can pull private docker images from the internal container registry. The end user doesn't even know they have a Gitlab account so requiring them to log in in order to add the token is impossible. I am looking for a fully automated process. When new users are created through the API, I also need to add the access token to it so other systems can pull from their container registry using the token. Storing the user's password for this purpose is something I'd like to avoid.
I really like how Gitlab is generally good at keeping the API in parity with the UI functionality, but this is one area I think is missing. I don't think it would be too much effort to get this implemented?
Proposal
Add new endpoints to the API to allow an administrator to add/revoke/list access tokens for a particular user.